Are our data protected when we receive an ecommerce purchase?

As it is well said, on the internet if something does not cost you, you are the product . And when we become a product it is our data that interests us. What we do, when, where, with whom, what we buy, what videos we watch or what social networks we use to communicate with our contacts.

Have you ever wondered what happens with your data when you make a purchase in an e-commerce? And what do the transport and logistics companies do with your data?

In the transport sector, a great variety of personal data is handled to carry out a delivery service. If, in addition to handling a great variety of personal data, we add that millions of shipments are handled continuously and daily, one can see that either it adapts correctly to the Data Protection Law (RGPD) or it makes both the clients who contract the service (ecommerce companies for example) as well as the users of them (the final recipient of the package) may see their right to the protection of their personal data violated.

All transport and logistics companies are obliged to adapt their systems and train their staff so that the management of the files that contain this data is in accordance with the law since otherwise they can be sanctioned if they are reported.

How transport companies protect data
We must say that the protection of data is already a very sensitive issue that the vast majority of transport companies have addressed for many years. From personal experience I can say that more than 15 years ago I had to start up data control in my organization, and I was not the only one or the first ….

The most sensitive data handled by a transport company if we refer to customers and their shipments would be the following:

1-Data of the client: Social reason, address, emails, telephone numbers, bank details, etc.

2-Data of the shipments it generates: number of shipments, origins, destinations, etc.

3-Data of the recipients (third parties): names, surnames, addresses, emails, telephones etc.

There is another clear type of data such as those referred to the company’s own staff but if we focus these are the 3 types of data that are handled more commonly in a transport or logistics company.

Usually these data are stored in different “files”, and it is precisely these files that must be protected, since the data protection agency is informed of the type of file it is, its classification (depending on the importance of the data). type of data) , as well as those responsible for the management of those files and the way in which it is protected.

As you can see, it is a system with very specific technical requirements that are usually managed by professionals and with ” secure” access through hosting and passwords.

This is the most sensitive part in terms of data protection, but transport companies take great care that these records they own are used only for the professional activity of transport. As users of electronic commerce we must have the security and guarantee that our data will only be used for the delivery of our packages and not for other purposes.

If we have received a package recently from a transport company and the days send us a message by email or whatsapp making an offer of services, it is clear that either we have signed an authorization for it or the company would be making incorrect and illegal use of our data. Even the responsibility in this case may not end up in the transport company but also in the website or ecommerce where we have purchased since they have the requirement to us as their customers that their employees comply with the data protection law.

Sanctions in case of non-compliance
To show that it is not a minor issue, we should only look at the sanctions that may be imposed in case of non-compliance with the law. There are different regulations but the hardest is the European Regulation that starting from the minor offenses sanctioned with hundreds or thousands of euros can reach up to 20 million euros or even a percentage of the company’s turnover as they have recently sanctioned Google in France 50 million euros for violating the rules of the data protection law.

It is clear that as consumers we must claim our rights and the protection of our personal data must be one of them. We can not get carried away by “the typical” or “everyone does”, we must demand in all areas that our privacy is completely assured.

They are isolated cases like that of the delivery person who used the contact data of the shipments to harass a woman , that is why the transport and logistics companies are adapted to the data protection law as a guarantee of their service.

Leave a Reply

Your email address will not be published. Required fields are marked *